Summary

Severity:

High

Confidence:

Tentative

Host:

http://ads2.adbrite.com

Path:

/v0/ad

Issue detail

The zs parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the zs parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks, but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Summary

Severity:

High

Confidence:

Tentative

Host:

http://bizinformation.co

Path:

/www.onlinemicrofiche.com

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 15684007'%20or%201%3d1--%20 and 15684007'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /www.onlinemicrofiche.com15684007' or 1=1-- on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.co Port 80</address></body></html>

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /www.onlinemicrofiche.com15684007' or 1=2-- was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.co Port 80</address></body></html>

Summary

Severity:

High

Confidence:

Tentative

Host:

http://bizinformation.co

Path:

/www.onlinemicrofiche.com

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 11607392%20or%201%3d1--%20 and 11607392%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /www.onlinemicrofiche.comon this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.co Port 80</address></body></html>

Summary

Severity:

High

Confidence:

Tentative

Host:

http://bizinformation.com

Path:

/favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 96146940'%20or%201%3d1--%20 and 96146940'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /favicon.ico96146940' or 1=1-- on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /favicon.ico96146940' or 1=2-- was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

Summary

Severity:

High

Confidence:

Tentative

Host:

http://bizinformation.com

Path:

/favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 14947488%20or%201%3d1--%20 and 14947488%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /favicon.icoon this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

Summary

Severity:

High

Confidence:

Tentative

Host:

http://bizinformation.com

Path:

/images/fl/0.gif

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 14518373'%20or%201%3d1--%20 and 14518373'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /images14518373' or 1=1-- /fl/0.gifon this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /images14518373' or 1=2-- /fl/0.gif was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

Summary

Severity:

High

Confidence:

Tentative

Host:

http://bizinformation.com

Path:

/images/fl/0.gif

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 13133889'%20or%201%3d1--%20 and 13133889'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /images/fl13133889' or 1=1-- /0.gifon this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /images/fl13133889' or 1=2-- /0.gif was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

Summary

Severity:

High

Confidence:

Tentative

Host:

http://bizinformation.com

Path:

/images/fl/0.gif

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 44557888'%20or%201%3d1--%20 and 44557888'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /images/fl/0.gif44557888' or 1=1-- on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /images/fl/0.gif44557888' or 1=2-- was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

Summary

Severity:

High

Confidence:

Tentative

Host:

http://bizinformation.com

Path:

/images/fl/0.gif

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 10237900%20or%201%3d1--%20 and 10237900%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /images/fl/0.gifon this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /images/fl/0.gif was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at bizinformation.com Port 80</address></body></html>

Summary

Severity:

High

Confidence:

Tentative

Host:

http://googleads.g.doubleclick.net

Path:

/pagead/ads

Issue detail

The p parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the p parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks, but this can be circumvented by double URL-encoding the blocked characters, for example by submitting %2527 instead of the ' character.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/index_cblogs-mini.phtml

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 1, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/index_cblogs-mini.phtml

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 2, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/login.phtml

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 1, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/login.phtml

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 2, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/signup.phtml

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 1, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/signup.phtml

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 2, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/templates/features.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 1, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/templates/features.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 2, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/templates/features.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 3, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/templates/styles2011.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 1, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/templates/styles2011.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 2, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/elephant/templates/styles2011.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 3, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.japanator.com

Path:

/favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 1, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Summary

Severity:

High

Confidence:

Tentative

Host:

http://www.n1-models.com

Path:

/favicon.ico

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks, but this can be circumvented by double URL-encoding the blocked characters, for example by submitting %2527 instead of the ' character.

Summary

Severity:

High

Confidence:

Tentative

Host:

http://www.ourprayer.org

Path:

/favicon.ico

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks, but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Summary

Severity:

High

Confidence:

Tentative

Host:

http://www.ourprayer.org

Path:

/favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks, but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.seoq.com

Path:

/quotient/2011/04/22/1797/N

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 5, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' and ' at line 1</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Certain

Host:

http://www.seoq.com

Path:

/quotient/2011/04/22/1797/N

Issue detail

The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response 1

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''N'' ORDER BY `report_date` DESC LIMIT 2' at line 2</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.seoq.com

Path:

/quotient/2011/04/22/1798/N

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 5, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' and ' at line 1</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Certain

Host:

http://www.seoq.com

Path:

/quotient/2011/04/22/1798/N

Issue detail

The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response 1

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''N'' ORDER BY `report_date` DESC LIMIT 2' at line 2</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.seoq.com

Path:

/quotient/2011/04/22/2270/N

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 5, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' and ' at line 1</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Certain

Host:

http://www.seoq.com

Path:

/quotient/2011/04/22/2270/N

Issue detail

The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response 1

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''N'' ORDER BY `report_date` DESC LIMIT 2' at line 2</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.seoq.com

Path:

/quotient/2011/04/22/2271/N

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 5, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' and ' at line 1</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Certain

Host:

http://www.seoq.com

Path:

/quotient/2011/04/22/2271/N

Issue detail

The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response 1

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''N'' ORDER BY `report_date` DESC LIMIT 2' at line 2</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.seoq.com

Path:

/quotient/2011/04/22/2272/N

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 5, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' and ' at line 1</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Certain

Host:

http://www.seoq.com

Path:

/quotient/2011/04/22/2272/N

Issue detail

The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response 1

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''N'' ORDER BY `report_date` DESC LIMIT 2' at line 2</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.seoq.com

Path:

/quotient/2011/05/01/2837/N

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 5, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' and ' at line 1</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Certain

Host:

http://www.seoq.com

Path:

/quotient/2011/05/01/2837/N

Issue detail

The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response 1

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''N'' ORDER BY `report_date` DESC LIMIT 2' at line 2</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.seoq.com

Path:

/quotient/2011/05/01/2838/N

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 5, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' and ' at line 1</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Certain

Host:

http://www.seoq.com

Path:

/quotient/2011/05/01/2838/N

Issue detail

The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response 1

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''N'' ORDER BY `report_date` DESC LIMIT 2' at line 2</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.seoq.com

Path:

/quotient/2011/05/01/2839/N

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 5, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' and ' at line 1</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Certain

Host:

http://www.seoq.com

Path:

/quotient/2011/05/01/2839/N

Issue detail

The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response 1

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''N'' ORDER BY `report_date` DESC LIMIT 2' at line 2</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.seoq.com

Path:

/quotient/2011/05/01/2840/N

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 5, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' and ' at line 1</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Certain

Host:

http://www.seoq.com

Path:

/quotient/2011/05/01/2840/N

Issue detail

The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response 1

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''N'' ORDER BY `report_date` DESC LIMIT 2' at line 2</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Firm

Host:

http://www.seoq.com

Path:

/quotient/2011/05/01/2841/N

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 5, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' and ' at line 1</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Certain

Host:

http://www.seoq.com

Path:

/quotient/2011/05/01/2841/N

Issue detail

The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Response 1

<pre class="cake-debug"><a href='javascript:void(0);' onclick='document.getElementById("CakeStackTrace1").style.display = (document.getElementById("CakeStackTrace1").style.display == "none" ? "" : "...[SNIP]...</b> 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''N'' ORDER BY `report_date` DESC LIMIT 2' at line 2</span>...[SNIP]...

Summary

Severity:

High

Confidence:

Tentative

Host:

http://www.cricbuzz.com

Path:

/favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.doubleclick.net

Path:

/adi/N3382.Yahoo/B5116950.16

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 527ab%0d%0a3565611b9b4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.doubleclick.net

Path:

/adi/N3941.InviteMedia/B5414127.32

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 83f32%0d%0a81dda35bbd7 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.doubleclick.net

Path:

/adj/wpni.jobs/front

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 889bb%0d%0ac948c2d7ba2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Summary

Severity:

High

Confidence:

Certain

Host:

http://na.decdna.net

Path:

/n/61239/71938/EI6/x/e

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 81751%0d%0a4daf40cbe6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Summary

Severity:

High

Confidence:

Certain

Host:

http://na.decdna.net

Path:

/n/61239/71938/EI6/x/e

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a58b5%0d%0aa827e2ca2c6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Summary

Severity:

High

Confidence:

Certain

Host:

http://na.decdna.net

Path:

/n/61239/71938/EI6/x/e

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 80700%0d%0af0193fdb2e3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.doubleclick.net

Path:

/adi/N3941.InviteMedia/B5414127.32

Issue detail

The value of the adurl request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f9596"-alert(1)-"aec72338c29 was submitted in the adurl parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.doubleclick.net

Path:

/adi/N3941.InviteMedia/B5414127.32

Issue detail

The value of the ai request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6a68d"-alert(1)-"b83921a49ea was submitted in the ai parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.doubleclick.net

Path:

/adi/N3941.InviteMedia/B5414127.32

Issue detail

The value of the client request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e083d"-alert(1)-"fd19c0fdbf9 was submitted in the client parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.doubleclick.net

Path:

/adi/N3941.InviteMedia/B5414127.32

Issue detail

The value of the num request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f777b"-alert(1)-"69d52534c85 was submitted in the num parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.doubleclick.net

Path:

/adi/N3941.InviteMedia/B5414127.32

Issue detail

The value of the sig request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f37f3"-alert(1)-"174e9b66d51 was submitted in the sig parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.doubleclick.net

Path:

/adi/N3941.InviteMedia/B5414127.32

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2a167"-alert(1)-"e2b4b064d7c was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.doubleclick.net

Path:

/adj/wpni.jobs/front

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload de551'%3balert(1)//17b4bcec7f4 was submitted in the sz parameter. This input was echoed as de551';alert(1)//17b4bcec7f4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Summary

Severity:

High

Confidence:

Certain

Host:

http://ad.turn.com

Path:

/server/pixel.htm

Issue detail

The value of the fpid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6123"><script>alert(1)</script>730c7e9bf00 was submitted in the fpid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.